This document is a security audit report performed by RideSolo, where Clickscrow Token has been reviewed.
Symbol : CSW
Name : Clicks
Capped supply: 500,000,000
Decimals : 18
Standard : ERC20
2 issues were reported including:
- 2 low severity issues.
The value to be substructed is decreased using safemath sub function meaning that if the value is higher than the remaining allowance the transaction will throw when it could be set to zero instead. multiple scenario can be imagined for the end user.
function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool) {
_approve(msg.sender, spender, _allowed[msg.sender][spender].sub(subtractedValue));
return true;
}
Check if the allowance is lower than the value to be substracted and set the allowance to zero if the condition is met.
- It is possible to double withdrawal attack. More details here
- Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here
Add the following code to the transfer(_to address, ...) function:
require( _to != address(this) );
The audited contract is safe.